03-22-2023 11:48 AM
Scenario: I'm on ASA 5555
Users/AAA > AAA Server Groups > LOCAL Server Group
Edit > Enable Local User Lockout > Maximum Attempts = 3
I can't find any info about how/where to unlock an account or if it happens automatically.
Solved! Go to Solution.
03-22-2023 01:12 PM
From ASA 9.17 - The ASA can lock out local users after a configurable number of failed login attempts. This feature did not apply to users with privilege level 15. Also, a user would be locked out indefinitely until an admin unlocked their account. Now, users will be unlocked after 10 minutes (from 9.17) unless an admin uses the clear aaa local user lockout command before then. Privilege level 15 users are also now affected by the lockout setting.
Unfortunately 9.17 is not available on the ASA 5555 hardware you are running, so you'd have to manually unlock the accounts.
03-22-2023 01:12 PM
From ASA 9.17 - The ASA can lock out local users after a configurable number of failed login attempts. This feature did not apply to users with privilege level 15. Also, a user would be locked out indefinitely until an admin unlocked their account. Now, users will be unlocked after 10 minutes (from 9.17) unless an admin uses the clear aaa local user lockout command before then. Privilege level 15 users are also now affected by the lockout setting.
Unfortunately 9.17 is not available on the ASA 5555 hardware you are running, so you'd have to manually unlock the accounts.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide